Version: svn (using KDE 4.6.2) OS: Linux After applying a list style, then deleting the entire line using Backspace, then pressing "Undo", Words will crash. Reproducible: Always Steps to Reproduce: 1) Start Words with a blank document. 2) Apply a list style such as bullet list to the empty line. 3) Press Backspace two times. 4) Press "Undo Change List" in toolbar. 5) Crash. See attached backtrace. Actual Results: Crash. See attached backtrace. Expected Results: Not crash. Running Git master, rev d64665c433994998b51ba890a0dcffcbb50f4d67.
Created attachment 59610 [details] The backtrace from the crash.
I wasn't able to reproduce the crash using the steps but after I did undo and pressed redo I got; [KCrash Handler] #6 0xafbe0091 in QHash<int, KoList*>::value (this=0x8643de4, akey=@0xbfe331c4) at /usr/include/QtCore/qhash.h:607 #7 0xafbde8cd in ChangeListCommand::redo (this=0x8643dc0) at /home/kdab/src/kde/calligra/plugins/textshape/commands/ChangeListCommand.cpp:224 #8 0xb64d93e8 in QUndoStack::redo() () from /usr/lib/libQtGui.so.4 #9 0xb64ff1a0 in QUndoStack::qt_metacall(QMetaObject::Call, int, void**) () from /usr/lib/libQtGui.so.4 #10 0xb683df93 in KUndoStack::qt_metacall(QMetaObject::Call, int, void**) () from /usr/lib/libkdeui.so.5 #11 0xb57e28cd in QMetaObject::metacall(QObject*, QMetaObject::Call, int, void**) () from /usr/lib/libQtCore.so.4 #12 0xb57f2a2c in QMetaObject::activate(QObject*, QMetaObject const*, int, void**) () from /usr/lib/libQtCore.so.4 #13 0xb5dca2bd in QAction::triggered(bool) () from /usr/lib/libQtGui.so.4 #14 0xb5dca55b in QAction::activate(QAction::ActionEvent) () from /usr/lib/libQtGui.so.4 #15 0xb627cfe5 in ?? () from /usr/lib/libQtGui.so.4 #16 0xb6283c07 in ?? () from /usr/lib/libQtGui.so.4 #17 0xb6284ad5 in QMenu::mouseReleaseEvent(QMouseEvent*) () from /usr/lib/libQtGui.so.4 #18 0xb684655c in KMenu::mouseReleaseEvent(QMouseEvent*) () from /usr/lib/libkdeui.so.5 #19 0xb5e2c5b0 in QWidget::event(QEvent*) () from /usr/lib/libQtGui.so.4 So, there is something very fishy with the way the ChangeListCommand works.
The reason for the crash named in comment #2 is that at ChangeListCommand.cpp:223+224 we do; m_list.value(i)->updateStoredList(m_blocks.at(i)); KoListStyle *listStyle = m_list.value(i)->style(); The call to KoList::updateStoredList does; textList->setFormat(format); what changes the QTextBlock and seems to invalidate the KoList (maybe even the QTextBlock's?) what then results in a crash the next line.
A patch is poste for review here https://git.reviewboard.kde.org/r/101301/
Fantastic. Lot of thanks! So, can we close the report now?
I just updated and I still get the crash, even with Gopal's fix. This is how I provoke the crash: http://dl.dropbox.com/u/22350696/list-undo-crash.ogv So you really can't reproduce?
was a problem loading old kwd template kwd support is now removed, hence bug closed